• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright (C) 2007 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <unistd.h>
20 #include <errno.h>
21 #include <string.h>
22 #include <ctype.h>
23 
24 #include "sysdeps.h"
25 
26 #define  TRACE_TAG  TRACE_SOCKETS
27 #include "adb.h"
28 
29 ADB_MUTEX_DEFINE( socket_list_lock );
30 
31 static void local_socket_close_locked(asocket *s);
32 
sendfailmsg(int fd,const char * reason)33 int sendfailmsg(int fd, const char *reason)
34 {
35     char buf[9];
36     int len;
37     len = strlen(reason);
38     if(len > 0xffff) len = 0xffff;
39     snprintf(buf, sizeof buf, "FAIL%04x", len);
40     if(writex(fd, buf, 8)) return -1;
41     return writex(fd, reason, len);
42 }
43 
44 //extern int online;
45 
46 static unsigned local_socket_next_id = 1;
47 
48 static asocket local_socket_list = {
49     .next = &local_socket_list,
50     .prev = &local_socket_list,
51 };
52 
53 /* the the list of currently closing local sockets.
54 ** these have no peer anymore, but still packets to
55 ** write to their fd.
56 */
57 static asocket local_socket_closing_list = {
58     .next = &local_socket_closing_list,
59     .prev = &local_socket_closing_list,
60 };
61 
find_local_socket(unsigned id)62 asocket *find_local_socket(unsigned id)
63 {
64     asocket *s;
65     asocket *result = NULL;
66 
67     adb_mutex_lock(&socket_list_lock);
68     for (s = local_socket_list.next; s != &local_socket_list; s = s->next) {
69         if (s->id == id) {
70             result = s;
71             break;
72         }
73     }
74     adb_mutex_unlock(&socket_list_lock);
75 
76     return result;
77 }
78 
79 static void
insert_local_socket(asocket * s,asocket * list)80 insert_local_socket(asocket*  s, asocket*  list)
81 {
82     s->next       = list;
83     s->prev       = s->next->prev;
84     s->prev->next = s;
85     s->next->prev = s;
86 }
87 
88 
install_local_socket(asocket * s)89 void install_local_socket(asocket *s)
90 {
91     adb_mutex_lock(&socket_list_lock);
92 
93     s->id = local_socket_next_id++;
94     insert_local_socket(s, &local_socket_list);
95 
96     adb_mutex_unlock(&socket_list_lock);
97 }
98 
remove_socket(asocket * s)99 void remove_socket(asocket *s)
100 {
101     // socket_list_lock should already be held
102     if (s->prev && s->next)
103     {
104         s->prev->next = s->next;
105         s->next->prev = s->prev;
106         s->next = 0;
107         s->prev = 0;
108         s->id = 0;
109     }
110 }
111 
close_all_sockets(atransport * t)112 void close_all_sockets(atransport *t)
113 {
114     asocket *s;
115 
116         /* this is a little gross, but since s->close() *will* modify
117         ** the list out from under you, your options are limited.
118         */
119     adb_mutex_lock(&socket_list_lock);
120 restart:
121     for(s = local_socket_list.next; s != &local_socket_list; s = s->next){
122         if(s->transport == t || (s->peer && s->peer->transport == t)) {
123             local_socket_close_locked(s);
124             goto restart;
125         }
126     }
127     adb_mutex_unlock(&socket_list_lock);
128 }
129 
local_socket_enqueue(asocket * s,apacket * p)130 static int local_socket_enqueue(asocket *s, apacket *p)
131 {
132     D("LS(%d): enqueue %d\n", s->id, p->len);
133 
134     p->ptr = p->data;
135 
136         /* if there is already data queue'd, we will receive
137         ** events when it's time to write.  just add this to
138         ** the tail
139         */
140     if(s->pkt_first) {
141         goto enqueue;
142     }
143 
144         /* write as much as we can, until we
145         ** would block or there is an error/eof
146         */
147     while(p->len > 0) {
148         int r = adb_write(s->fd, p->ptr, p->len);
149         if(r > 0) {
150             p->len -= r;
151             p->ptr += r;
152             continue;
153         }
154         if((r == 0) || (errno != EAGAIN)) {
155             D( "LS(%d): not ready, errno=%d: %s\n", s->id, errno, strerror(errno) );
156             s->close(s);
157             return 1; /* not ready (error) */
158         } else {
159             break;
160         }
161     }
162 
163     if(p->len == 0) {
164         put_apacket(p);
165         return 0; /* ready for more data */
166     }
167 
168 enqueue:
169     p->next = 0;
170     if(s->pkt_first) {
171         s->pkt_last->next = p;
172     } else {
173         s->pkt_first = p;
174     }
175     s->pkt_last = p;
176 
177         /* make sure we are notified when we can drain the queue */
178     fdevent_add(&s->fde, FDE_WRITE);
179 
180     return 1; /* not ready (backlog) */
181 }
182 
local_socket_ready(asocket * s)183 static void local_socket_ready(asocket *s)
184 {
185         /* far side is ready for data, pay attention to
186            readable events */
187     fdevent_add(&s->fde, FDE_READ);
188 //    D("LS(%d): ready()\n", s->id);
189 }
190 
local_socket_close(asocket * s)191 static void local_socket_close(asocket *s)
192 {
193     adb_mutex_lock(&socket_list_lock);
194     local_socket_close_locked(s);
195     adb_mutex_unlock(&socket_list_lock);
196 }
197 
198 // be sure to hold the socket list lock when calling this
local_socket_destroy(asocket * s)199 static void local_socket_destroy(asocket  *s)
200 {
201     apacket *p, *n;
202     int exit_on_close = s->exit_on_close;
203 
204     D("LS(%d): destroying fde.fd=%d\n", s->id, s->fde.fd);
205 
206         /* IMPORTANT: the remove closes the fd
207         ** that belongs to this socket
208         */
209     fdevent_remove(&s->fde);
210 
211         /* dispose of any unwritten data */
212     for(p = s->pkt_first; p; p = n) {
213         D("LS(%d): discarding %d bytes\n", s->id, p->len);
214         n = p->next;
215         put_apacket(p);
216     }
217     remove_socket(s);
218     free(s);
219 
220     if (exit_on_close) {
221         D("local_socket_destroy: exiting\n");
222         exit(1);
223     }
224 }
225 
226 
local_socket_close_locked(asocket * s)227 static void local_socket_close_locked(asocket *s)
228 {
229     D("entered. LS(%d) fd=%d\n", s->id, s->fd);
230     if(s->peer) {
231         D("LS(%d): closing peer. peer->id=%d peer->fd=%d\n",
232           s->id, s->peer->id, s->peer->fd);
233         s->peer->peer = 0;
234         // tweak to avoid deadlock
235         if (s->peer->close == local_socket_close) {
236             local_socket_close_locked(s->peer);
237         } else {
238             s->peer->close(s->peer);
239         }
240         s->peer = 0;
241     }
242 
243         /* If we are already closing, or if there are no
244         ** pending packets, destroy immediately
245         */
246     if (s->closing || s->pkt_first == NULL) {
247         int   id = s->id;
248         local_socket_destroy(s);
249         D("LS(%d): closed\n", id);
250         return;
251     }
252 
253         /* otherwise, put on the closing list
254         */
255     D("LS(%d): closing\n", s->id);
256     s->closing = 1;
257     fdevent_del(&s->fde, FDE_READ);
258     remove_socket(s);
259     D("LS(%d): put on socket_closing_list fd=%d\n", s->id, s->fd);
260     insert_local_socket(s, &local_socket_closing_list);
261 }
262 
local_socket_event_func(int fd,unsigned ev,void * _s)263 static void local_socket_event_func(int fd, unsigned ev, void *_s)
264 {
265     asocket *s = _s;
266 
267     D("LS(%d): event_func(fd=%d(==%d), ev=%04x)\n", s->id, s->fd, fd, ev);
268 
269     /* put the FDE_WRITE processing before the FDE_READ
270     ** in order to simplify the code.
271     */
272     if(ev & FDE_WRITE){
273         apacket *p;
274 
275         while((p = s->pkt_first) != 0) {
276             while(p->len > 0) {
277                 int r = adb_write(fd, p->ptr, p->len);
278                 if(r > 0) {
279                     p->ptr += r;
280                     p->len -= r;
281                     continue;
282                 }
283                 if(r < 0) {
284                     /* returning here is ok because FDE_READ will
285                     ** be processed in the next iteration loop
286                     */
287                     if(errno == EAGAIN) return;
288                     if(errno == EINTR) continue;
289                 }
290                 D(" closing after write because r=%d and errno is %d\n", r, errno);
291                 s->close(s);
292                 return;
293             }
294 
295             if(p->len == 0) {
296                 s->pkt_first = p->next;
297                 if(s->pkt_first == 0) s->pkt_last = 0;
298                 put_apacket(p);
299             }
300         }
301 
302             /* if we sent the last packet of a closing socket,
303             ** we can now destroy it.
304             */
305         if (s->closing) {
306             D(" closing because 'closing' is set after write\n");
307             s->close(s);
308             return;
309         }
310 
311             /* no more packets queued, so we can ignore
312             ** writable events again and tell our peer
313             ** to resume writing
314             */
315         fdevent_del(&s->fde, FDE_WRITE);
316         s->peer->ready(s->peer);
317     }
318 
319 
320     if(ev & FDE_READ){
321         apacket *p = get_apacket();
322         unsigned char *x = p->data;
323         size_t avail = MAX_PAYLOAD;
324         int r;
325         int is_eof = 0;
326 
327         while(avail > 0) {
328             r = adb_read(fd, x, avail);
329             D("LS(%d): post adb_read(fd=%d,...) r=%d (errno=%d) avail=%d\n", s->id, s->fd, r, r<0?errno:0, avail);
330             if(r > 0) {
331                 avail -= r;
332                 x += r;
333                 continue;
334             }
335             if(r < 0) {
336                 if(errno == EAGAIN) break;
337                 if(errno == EINTR) continue;
338             }
339 
340                 /* r = 0 or unhandled error */
341             is_eof = 1;
342             break;
343         }
344         D("LS(%d): fd=%d post avail loop. r=%d is_eof=%d forced_eof=%d\n",
345           s->id, s->fd, r, is_eof, s->fde.force_eof);
346         if((avail == MAX_PAYLOAD) || (s->peer == 0)) {
347             put_apacket(p);
348         } else {
349             p->len = MAX_PAYLOAD - avail;
350 
351             r = s->peer->enqueue(s->peer, p);
352             D("LS(%d): fd=%d post peer->enqueue(). r=%d\n", s->id, s->fd, r);
353 
354             if(r < 0) {
355                     /* error return means they closed us as a side-effect
356                     ** and we must return immediately.
357                     **
358                     ** note that if we still have buffered packets, the
359                     ** socket will be placed on the closing socket list.
360                     ** this handler function will be called again
361                     ** to process FDE_WRITE events.
362                     */
363                 return;
364             }
365 
366             if(r > 0) {
367                     /* if the remote cannot accept further events,
368                     ** we disable notification of READs.  They'll
369                     ** be enabled again when we get a call to ready()
370                     */
371                 fdevent_del(&s->fde, FDE_READ);
372             }
373         }
374         /* Don't allow a forced eof if data is still there */
375         if((s->fde.force_eof && !r) || is_eof) {
376             D(" closing because is_eof=%d r=%d s->fde.force_eof=%d\n", is_eof, r, s->fde.force_eof);
377             s->close(s);
378         }
379     }
380 
381     if(ev & FDE_ERROR){
382             /* this should be caught be the next read or write
383             ** catching it here means we may skip the last few
384             ** bytes of readable data.
385             */
386 //        s->close(s);
387         D("LS(%d): FDE_ERROR (fd=%d)\n", s->id, s->fd);
388 
389         return;
390     }
391 }
392 
create_local_socket(int fd)393 asocket *create_local_socket(int fd)
394 {
395     asocket *s = calloc(1, sizeof(asocket));
396     if (s == NULL) fatal("cannot allocate socket");
397     s->fd = fd;
398     s->enqueue = local_socket_enqueue;
399     s->ready = local_socket_ready;
400     s->close = local_socket_close;
401     install_local_socket(s);
402 
403     fdevent_install(&s->fde, fd, local_socket_event_func, s);
404 /*    fdevent_add(&s->fde, FDE_ERROR); */
405     //fprintf(stderr, "Created local socket in create_local_socket \n");
406     D("LS(%d): created (fd=%d)\n", s->id, s->fd);
407     return s;
408 }
409 
create_local_service_socket(const char * name)410 asocket *create_local_service_socket(const char *name)
411 {
412     asocket *s;
413     int fd;
414 
415 #if !ADB_HOST
416     if (!strcmp(name,"jdwp")) {
417         return create_jdwp_service_socket();
418     }
419     if (!strcmp(name,"track-jdwp")) {
420         return create_jdwp_tracker_service_socket();
421     }
422 #endif
423     fd = service_to_fd(name);
424     if(fd < 0) return 0;
425 
426     s = create_local_socket(fd);
427     D("LS(%d): bound to '%s' via %d\n", s->id, name, fd);
428 
429 #if !ADB_HOST
430     if ((!strncmp(name, "root:", 5) && getuid() != 0)
431         || !strncmp(name, "usb:", 4)
432         || !strncmp(name, "tcpip:", 6)) {
433         D("LS(%d): enabling exit_on_close\n", s->id);
434         s->exit_on_close = 1;
435     }
436 #endif
437 
438     return s;
439 }
440 
441 #if ADB_HOST
create_host_service_socket(const char * name,const char * serial)442 static asocket *create_host_service_socket(const char *name, const char* serial)
443 {
444     asocket *s;
445 
446     s = host_service_to_socket(name, serial);
447 
448     if (s != NULL) {
449         D("LS(%d) bound to '%s'\n", s->id, name);
450         return s;
451     }
452 
453     return s;
454 }
455 #endif /* ADB_HOST */
456 
457 /* a Remote socket is used to send/receive data to/from a given transport object
458 ** it needs to be closed when the transport is forcibly destroyed by the user
459 */
460 typedef struct aremotesocket {
461     asocket      socket;
462     adisconnect  disconnect;
463 } aremotesocket;
464 
remote_socket_enqueue(asocket * s,apacket * p)465 static int remote_socket_enqueue(asocket *s, apacket *p)
466 {
467     D("entered remote_socket_enqueue RS(%d) WRITE fd=%d peer.fd=%d\n",
468       s->id, s->fd, s->peer->fd);
469     p->msg.command = A_WRTE;
470     p->msg.arg0 = s->peer->id;
471     p->msg.arg1 = s->id;
472     p->msg.data_length = p->len;
473     send_packet(p, s->transport);
474     return 1;
475 }
476 
remote_socket_ready(asocket * s)477 static void remote_socket_ready(asocket *s)
478 {
479     D("entered remote_socket_ready RS(%d) OKAY fd=%d peer.fd=%d\n",
480       s->id, s->fd, s->peer->fd);
481     apacket *p = get_apacket();
482     p->msg.command = A_OKAY;
483     p->msg.arg0 = s->peer->id;
484     p->msg.arg1 = s->id;
485     send_packet(p, s->transport);
486 }
487 
remote_socket_close(asocket * s)488 static void remote_socket_close(asocket *s)
489 {
490     D("entered remote_socket_close RS(%d) CLOSE fd=%d peer->fd=%d\n",
491       s->id, s->fd, s->peer?s->peer->fd:-1);
492     apacket *p = get_apacket();
493     p->msg.command = A_CLSE;
494     if(s->peer) {
495         p->msg.arg0 = s->peer->id;
496         s->peer->peer = 0;
497         D("RS(%d) peer->close()ing peer->id=%d peer->fd=%d\n",
498           s->id, s->peer->id, s->peer->fd);
499         s->peer->close(s->peer);
500     }
501     p->msg.arg1 = s->id;
502     send_packet(p, s->transport);
503     D("RS(%d): closed\n", s->id);
504     remove_transport_disconnect( s->transport, &((aremotesocket*)s)->disconnect );
505     free(s);
506 }
507 
remote_socket_disconnect(void * _s,atransport * t)508 static void remote_socket_disconnect(void*  _s, atransport*  t)
509 {
510     asocket*  s    = _s;
511     asocket*  peer = s->peer;
512 
513     D("remote_socket_disconnect RS(%d)\n", s->id);
514     if (peer) {
515         peer->peer = NULL;
516         peer->close(peer);
517     }
518     remove_transport_disconnect( s->transport, &((aremotesocket*)s)->disconnect );
519     free(s);
520 }
521 
create_remote_socket(unsigned id,atransport * t)522 asocket *create_remote_socket(unsigned id, atransport *t)
523 {
524     asocket *s = calloc(1, sizeof(aremotesocket));
525     adisconnect*  dis = &((aremotesocket*)s)->disconnect;
526 
527     if (s == NULL) fatal("cannot allocate socket");
528     s->id = id;
529     s->enqueue = remote_socket_enqueue;
530     s->ready = remote_socket_ready;
531     s->close = remote_socket_close;
532     s->transport = t;
533 
534     dis->func   = remote_socket_disconnect;
535     dis->opaque = s;
536     add_transport_disconnect( t, dis );
537     D("RS(%d): created\n", s->id);
538     return s;
539 }
540 
connect_to_remote(asocket * s,const char * destination)541 void connect_to_remote(asocket *s, const char *destination)
542 {
543     D("Connect_to_remote call RS(%d) fd=%d\n", s->id, s->fd);
544     apacket *p = get_apacket();
545     int len = strlen(destination) + 1;
546 
547     if(len > (MAX_PAYLOAD-1)) {
548         fatal("destination oversized");
549     }
550 
551     D("LS(%d): connect('%s')\n", s->id, destination);
552     p->msg.command = A_OPEN;
553     p->msg.arg0 = s->id;
554     p->msg.data_length = len;
555     strcpy((char*) p->data, destination);
556     send_packet(p, s->transport);
557 }
558 
559 
560 /* this is used by magic sockets to rig local sockets to
561    send the go-ahead message when they connect */
local_socket_ready_notify(asocket * s)562 static void local_socket_ready_notify(asocket *s)
563 {
564     s->ready = local_socket_ready;
565     s->close = local_socket_close;
566     adb_write(s->fd, "OKAY", 4);
567     s->ready(s);
568 }
569 
570 /* this is used by magic sockets to rig local sockets to
571    send the failure message if they are closed before
572    connected (to avoid closing them without a status message) */
local_socket_close_notify(asocket * s)573 static void local_socket_close_notify(asocket *s)
574 {
575     s->ready = local_socket_ready;
576     s->close = local_socket_close;
577     sendfailmsg(s->fd, "closed");
578     s->close(s);
579 }
580 
unhex(unsigned char * s,int len)581 unsigned unhex(unsigned char *s, int len)
582 {
583     unsigned n = 0, c;
584 
585     while(len-- > 0) {
586         switch((c = *s++)) {
587         case '0': case '1': case '2':
588         case '3': case '4': case '5':
589         case '6': case '7': case '8':
590         case '9':
591             c -= '0';
592             break;
593         case 'a': case 'b': case 'c':
594         case 'd': case 'e': case 'f':
595             c = c - 'a' + 10;
596             break;
597         case 'A': case 'B': case 'C':
598         case 'D': case 'E': case 'F':
599             c = c - 'A' + 10;
600             break;
601         default:
602             return 0xffffffff;
603         }
604 
605         n = (n << 4) | c;
606     }
607 
608     return n;
609 }
610 
611 #define PREFIX(str) { str, sizeof(str) - 1 }
612 static const struct prefix_struct {
613     const char *str;
614     const size_t len;
615 } prefixes[] = {
616     PREFIX("usb:"),
617     PREFIX("product:"),
618     PREFIX("model:"),
619     PREFIX("device:"),
620 };
621 static const int num_prefixes = (sizeof(prefixes) / sizeof(prefixes[0]));
622 
623 /* skip_host_serial return the position in a string
624    skipping over the 'serial' parameter in the ADB protocol,
625    where parameter string may be a host:port string containing
626    the protocol delimiter (colon). */
skip_host_serial(char * service)627 char *skip_host_serial(char *service) {
628     char *first_colon, *serial_end;
629     int i;
630 
631     for (i = 0; i < num_prefixes; i++) {
632         if (!strncmp(service, prefixes[i].str, prefixes[i].len))
633             return strchr(service + prefixes[i].len, ':');
634     }
635 
636     first_colon = strchr(service, ':');
637     if (!first_colon) {
638         /* No colon in service string. */
639         return NULL;
640     }
641     serial_end = first_colon;
642     if (isdigit(serial_end[1])) {
643         serial_end++;
644         while ((*serial_end) && isdigit(*serial_end)) {
645             serial_end++;
646         }
647         if ((*serial_end) != ':') {
648             // Something other than numbers was found, reset the end.
649             serial_end = first_colon;
650         }
651     }
652     return serial_end;
653 }
654 
smart_socket_enqueue(asocket * s,apacket * p)655 static int smart_socket_enqueue(asocket *s, apacket *p)
656 {
657     unsigned len;
658 #if ADB_HOST
659     char *service = NULL;
660     char* serial = NULL;
661     transport_type ttype = kTransportAny;
662 #endif
663 
664     D("SS(%d): enqueue %d\n", s->id, p->len);
665 
666     if(s->pkt_first == 0) {
667         s->pkt_first = p;
668         s->pkt_last = p;
669     } else {
670         if((s->pkt_first->len + p->len) > MAX_PAYLOAD) {
671             D("SS(%d): overflow\n", s->id);
672             put_apacket(p);
673             goto fail;
674         }
675 
676         memcpy(s->pkt_first->data + s->pkt_first->len,
677                p->data, p->len);
678         s->pkt_first->len += p->len;
679         put_apacket(p);
680 
681         p = s->pkt_first;
682     }
683 
684         /* don't bother if we can't decode the length */
685     if(p->len < 4) return 0;
686 
687     len = unhex(p->data, 4);
688     if((len < 1) ||  (len > 1024)) {
689         D("SS(%d): bad size (%d)\n", s->id, len);
690         goto fail;
691     }
692 
693     D("SS(%d): len is %d\n", s->id, len );
694         /* can't do anything until we have the full header */
695     if((len + 4) > p->len) {
696         D("SS(%d): waiting for %d more bytes\n", s->id, len+4 - p->len);
697         return 0;
698     }
699 
700     p->data[len + 4] = 0;
701 
702     D("SS(%d): '%s'\n", s->id, (char*) (p->data + 4));
703 
704 #if ADB_HOST
705     service = (char *)p->data + 4;
706     if(!strncmp(service, "host-serial:", strlen("host-serial:"))) {
707         char* serial_end;
708         service += strlen("host-serial:");
709 
710         // serial number should follow "host:" and could be a host:port string.
711         serial_end = skip_host_serial(service);
712         if (serial_end) {
713             *serial_end = 0; // terminate string
714             serial = service;
715             service = serial_end + 1;
716         }
717     } else if (!strncmp(service, "host-usb:", strlen("host-usb:"))) {
718         ttype = kTransportUsb;
719         service += strlen("host-usb:");
720     } else if (!strncmp(service, "host-local:", strlen("host-local:"))) {
721         ttype = kTransportLocal;
722         service += strlen("host-local:");
723     } else if (!strncmp(service, "host:", strlen("host:"))) {
724         ttype = kTransportAny;
725         service += strlen("host:");
726     } else {
727         service = NULL;
728     }
729 
730     if (service) {
731         asocket *s2;
732 
733             /* some requests are handled immediately -- in that
734             ** case the handle_host_request() routine has sent
735             ** the OKAY or FAIL message and all we have to do
736             ** is clean up.
737             */
738         if(handle_host_request(service, ttype, serial, s->peer->fd, s) == 0) {
739                 /* XXX fail message? */
740             D( "SS(%d): handled host service '%s'\n", s->id, service );
741             goto fail;
742         }
743         if (!strncmp(service, "transport", strlen("transport"))) {
744             D( "SS(%d): okay transport\n", s->id );
745             p->len = 0;
746             return 0;
747         }
748 
749             /* try to find a local service with this name.
750             ** if no such service exists, we'll fail out
751             ** and tear down here.
752             */
753         s2 = create_host_service_socket(service, serial);
754         if(s2 == 0) {
755             D( "SS(%d): couldn't create host service '%s'\n", s->id, service );
756             sendfailmsg(s->peer->fd, "unknown host service");
757             goto fail;
758         }
759 
760             /* we've connected to a local host service,
761             ** so we make our peer back into a regular
762             ** local socket and bind it to the new local
763             ** service socket, acknowledge the successful
764             ** connection, and close this smart socket now
765             ** that its work is done.
766             */
767         adb_write(s->peer->fd, "OKAY", 4);
768 
769         s->peer->ready = local_socket_ready;
770         s->peer->close = local_socket_close;
771         s->peer->peer = s2;
772         s2->peer = s->peer;
773         s->peer = 0;
774         D( "SS(%d): okay\n", s->id );
775         s->close(s);
776 
777             /* initial state is "ready" */
778         s2->ready(s2);
779         return 0;
780     }
781 #else /* !ADB_HOST */
782     if (s->transport == NULL) {
783         char* error_string = "unknown failure";
784         s->transport = acquire_one_transport (CS_ANY,
785                 kTransportAny, NULL, &error_string);
786 
787         if (s->transport == NULL) {
788             sendfailmsg(s->peer->fd, error_string);
789             goto fail;
790         }
791     }
792 #endif
793 
794     if(!(s->transport) || (s->transport->connection_state == CS_OFFLINE)) {
795            /* if there's no remote we fail the connection
796             ** right here and terminate it
797             */
798         sendfailmsg(s->peer->fd, "device offline (x)");
799         goto fail;
800     }
801 
802 
803         /* instrument our peer to pass the success or fail
804         ** message back once it connects or closes, then
805         ** detach from it, request the connection, and
806         ** tear down
807         */
808     s->peer->ready = local_socket_ready_notify;
809     s->peer->close = local_socket_close_notify;
810     s->peer->peer = 0;
811         /* give him our transport and upref it */
812     s->peer->transport = s->transport;
813 
814     connect_to_remote(s->peer, (char*) (p->data + 4));
815     s->peer = 0;
816     s->close(s);
817     return 1;
818 
819 fail:
820         /* we're going to close our peer as a side-effect, so
821         ** return -1 to signal that state to the local socket
822         ** who is enqueueing against us
823         */
824     s->close(s);
825     return -1;
826 }
827 
smart_socket_ready(asocket * s)828 static void smart_socket_ready(asocket *s)
829 {
830     D("SS(%d): ready\n", s->id);
831 }
832 
smart_socket_close(asocket * s)833 static void smart_socket_close(asocket *s)
834 {
835     D("SS(%d): closed\n", s->id);
836     if(s->pkt_first){
837         put_apacket(s->pkt_first);
838     }
839     if(s->peer) {
840         s->peer->peer = 0;
841         s->peer->close(s->peer);
842         s->peer = 0;
843     }
844     free(s);
845 }
846 
create_smart_socket(void)847 static asocket *create_smart_socket(void)
848 {
849     D("Creating smart socket \n");
850     asocket *s = calloc(1, sizeof(asocket));
851     if (s == NULL) fatal("cannot allocate socket");
852     s->enqueue = smart_socket_enqueue;
853     s->ready = smart_socket_ready;
854     s->close = smart_socket_close;
855 
856     D("SS(%d)\n", s->id);
857     return s;
858 }
859 
connect_to_smartsocket(asocket * s)860 void connect_to_smartsocket(asocket *s)
861 {
862     D("Connecting to smart socket \n");
863     asocket *ss = create_smart_socket();
864     s->peer = ss;
865     ss->peer = s;
866     s->ready(s);
867 }
868